Vulnerabilities

CVE-2013-4623

by Fred · 30/09/2013

The x509parse_crt function in x509.h in PolarSSL 1.1.x before 1.1.7 and 1.2.x before 1.2.8 does not properly parse certificate messages during the SSL/TLS handshake, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certificate message that contains a PEM encoded certificate.

Date published : 2013-09-30

http://www.securityfocus.com/bid/61764

https://bugzilla.redhat.com/show_bug.cgi?id=997767

Similar

Tags: Cybersecurity Alert